The DKIM key has to be generated on FortiMail and file with pre-configured DNS TXT record is made available for download. There is no way however to change any parameter for the DKIM key generation.
Example of downloaded file:
test._domainkey IN TXT ("t=y; k=rsa; p=" "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvH83XJcrIv8PRDkmCDh0kq5SyCeo7U3UTsLEP zjOxU/tHojPZ3av/5JNRGVwuEppzXUI0DE+q+qUgpiICXqbbdZpurVz9qPEfyikWpuDxeSmJb5ioUap4OenHOFEM+/UV42B7DCrytXgo+o5btV0sn0eoquR""VK4Hzuixw+uQTuzRlGnBqv0FbUgVBJwYSX9DZdlGjvvmJ f93rZaLhnXzPVUc+PH5JndZkPi6ScM+ZYkaspcCXC5VY1+ZRd16HO1hSgyrE7ciLfiZ9T3oXsNu92 DLX22+oj+k0v5Io7t63IgpyKc3TI9hQL7oNy07MKdGrNRsDOMWgEBguvP1Qa+2QwIDAQAB")
Consult the Fortimail Admin Guide in the Fortinet Document Library for more information about DKIM configuration.
In some cases DNS TXT record does not work when inserted to DNS server. With some online validating tools errors for this DNS TXT record can be seen, for example “This is not a good DKIM key record”.
Solution
The maximum single string length of a TXT record is limited to 255 bytes. If the string of a TXT record is longer then the TXT record will not be valid.
As defined in RFC1035, a DNS TXT record can be composed of more than one string. FortiMail creates the DKIM key exactly in this way. The TXT record consists of several string parts enclosed in parenthesis, effectively making the TXT record longer than 255 bytes.
